/**
 *Copyright (c) 2017- https://gitee.com/allmx/master.git
 * hhqk-lmx:下午4:15:23
 */
package org.hhqk.admin.login.shiro;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.hhqk.admin.mybatis.serviceImpl.UserServiceImpl;
import org.hhqk.mybatis.entity.User;
import org.hhqk.mybatis.entity.UserCriteria;
import org.springframework.beans.factory.annotation.Autowired;


/**
 * @author Administrator ShiroRealm.java 2017年11月16日
 *         <p>
 *         description:
 *         </p>
 */
public class ShiroSecurityRealm extends AuthorizingRealm {
	
	//这个注入配置应该设为可配置
	@Autowired
	UserServiceImpl userService;

	public ShiroSecurityRealm() {

	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.apache.shiro.realm.AuthenticatingRealm#doGetAuthenticationInfo(org.
	 * apache.shiro.authc.AuthenticationToken) 1、登录时调用
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authtoken) throws AuthenticationException {
		System.out.println("shiro security login");
		UsernamePasswordToken token = (UsernamePasswordToken) authtoken;
		String userName = token.getUsername();
		if (userName == null) {
			throw new AccountException("用户名不能为空");
		}
		String passWord = "";
		if (token.getPassword() != null) {
			passWord = new String(token.getPassword());
			// 密码加密
		}
		// 查询数据库,进行判断,能不能独立。。 user userservice ,通用模块组件
		List<User> users = null;
		try {
			UserCriteria example = new UserCriteria();
			example.createCriteria().andUsernameEqualTo(userName).andPasswordEqualTo(passWord);
			users = userService.selectByExample(example);
		} catch (UnknownAccountException e) {
			throw new UnknownAccountException("未知用户名");
		} catch (IncorrectCredentialsException e) {
			throw new IncorrectCredentialsException("无效密码");
		} catch (LockedAccountException e) {
			throw new LockedAccountException("无法使用");
		}
		//把用户存入shiro session中方便其他有需要的地方调用
		setSession("CurrentUser", users.get(0)); 
		return new SimpleAuthenticationInfo(users.get(0), users.get(0).getPassword(), this.getName());
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache
	 * .shiro.subject.PrincipalCollection) 2、授权时调用
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		return null;
	}

	private void setSession(Object key, Object value) {
		Subject subject = SecurityUtils.getSubject();
		if (null != subject) {
			Session session = subject.getSession();
			if (null != session) {
				session.setAttribute(key, value);
			}
		}
	}

}
